Initial Enumeration
Reference:
OS Version & Architecture
Code
systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Type"
Example
C:\Users\student>systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Type"
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.16299 N/A Build 16299
System Type: X86-based PC
Running Processes & Services
Code
tasklist /SVC
The /SVC flag lists the services hosted in each process, so each running process can be mapped to a specific Windows service.
Network Information
ipconfig
Code
ipconfig /all
Routing Table
Code
route print
Active Network Connections
Code
netstat -ano
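As an added example, not part of the original notes: Python that joins saved `netstat -ano` and `tasklist /SVC` output on PID to show which process and services own each listening socket, which helps when inventorying a host's exposed services. The sample output, PIDs, addresses and `agent.exe` are constructed for illustration.

```python
import re
# Constructed sample output for illustration; PIDs, addresses and agent.exe are made up.
NETSTAT = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2044
  TCP    192.0.2.22:49701       192.0.2.4:443          ESTABLISHED     2044
  TCP    [::]:3389              [::]:0                 LISTENING       1096
  UDP    0.0.0.0:5353           *:*                                    1320
"""
TASKLIST = """
Image Name                     PID Services
========================= ======== ============================================
svchost.exe                    812 RpcEptMapper,
                                   RpcSs
svchost.exe                   1096 TermService
agent.exe                     2044 N/A
"""

def parse_netstat(text):
    """(proto, local_addr, port, pid) for each TCP LISTENING or bound UDP socket."""
    socks = []
    for f in map(str.split, text.splitlines()):
        tcp_listen = len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING"
        if tcp_listen or (len(f) == 4 and f[0] == "UDP"):
            addr, port = f[1].rsplit(":", 1)   # rsplit keeps "[::]" intact
            socks.append((f[0], addr, int(port), int(f[-1])))
    return socks

ROW = re.compile(r"^(\S.*?)\s+(\d+)\s+(\S.*)$")   # image name, PID, services
def parse_tasklist(text):
    """PID -> (image, [services]); wrapped service lists continue on indented lines."""
    procs, pid = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            pid, line = int(m.group(2)), m.group(3)
            procs[pid] = (m.group(1), [])
        elif pid is None or not line[:1].isspace():
            continue   # header, separator or blank line
        procs[pid][1].extend(s.strip() for s in line.split(",") if s.strip() not in ("", "N/A"))
    return procs

def listeners_with_owners(netstat_text, tasklist_text):
    """Listening sockets joined to their owner; all-interface binds sort first."""
    procs, rows = parse_tasklist(tasklist_text), []
    for proto, addr, port, pid in parse_netstat(netstat_text):
        image, services = procs.get(pid, ("<pid not in tasklist>", []))
        rows.append((proto, port, addr in ("0.0.0.0", "[::]"), pid, image, services))
    return sorted(rows, key=lambda r: (not r[2], r[1]))
```

Each returned tuple is (protocol, port, bound to all interfaces, PID, image name, services); a PID missing from the task list is reported rather than dropped.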
Firewall Status & Rules
Code
netsh advfirewall show currentprofile
netsh advfirewall firewall show rule name=all
Scheduled Tasks
Code
schtasks /query /fo LIST /v
The /query argument displays tasks and /FO LIST sets the output format to a simple list. We can also use /V to request verbose output.
Installed Applications & Patch Levels
Code
wmic product get name, version, vendor
System-wide Updates
Code
wmic qfe get Caption, Description, HotFixID, InstalledOn
AccessChk
Code
accesschk.exe -uws "Everyone" "C:\Program Files"
-u suppresses errors, -w searches for write access permissions, and -s performs a recursive search.